Re: [v6ops] Deprecating 2002::/16 - 6to4 Historic Status
Mohacsi Janos <mohacsi@niif.hu> Thu, 07 April 2011 08:54 UTC
On Thu, 7 Apr 2011, Dmitry Anipko wrote:

> Hi Pekka,
>
>>> When connecting to a dual-stack server with IP addresses 2.2.2.2 and
>>> 2001:db8::1. It will use 6to4 instead of IPv4 through NAT. FAIL.
>>> 2) 6to4 is used if v4 has mismatching scope (private->public)
>
> Windows implementation treats RFC 1918 prefixes as public, specifically
> due to this reason, so on Windows, in this scenario v4->v4 is preferred
> over 6to4->native v6.

Same for FreeBSD, OpenBSD and NetBSD.

>
> Thank you,
> Dmitry
> -----Original Message-----
> From: v6ops-bounces@ietf.org [mailto:v6ops-bounces@ietf.org] On Behalf Of Pekka Savola
> Sent: Thursday, April 07, 2011 12:44 AM
> To: Christopher Palmer
> Cc: v6ops@ietf.org; Carlos Martinez-Cagnazzo
> Subject: Re: [v6ops] Deprecating 2002::/16 - 6to4 Historic Status
>
> On Thu, 7 Apr 2011, Christopher Palmer wrote:
>> "A host with a public but natted v4 address will always get hosed by this."
>>
>> A host in that condition will have a broken 6to4 address, but won't experience a degradation in their web experience if they have RFC 3484 implemented.
>>
>> So really this would be the third proposed 6to4 mitigation:
>>
>> 1. Ensuring that IPv4->IPv4 is ranked higher than 6to4->IPv6 in the RFC 3484.
>> 2. Changing default host behavior. (still being debated)
>> 3. Deprecation of the prefix.
>>
>> Given (1) and (2), the operational value of 3 is still lost on me. Is the expectation that ISPs stop routing 6to4 packets? Is this a signal that we don't just hate 6to4, but we super hate it?
>
> This will require an update in the RFC 3484 implementation. Maybe
> this is what you meant, or maybe not.
>
> Joel is probably referring to this:
>
> http://tools.ietf.org/html/draft-ietf-6man-rfc3484-revise-02#section-2.4
>
> (This issue has a lot of history -- known for some 7-8yrs, see
> http://tools.ietf.org/html/draft-ietf-v6ops-v6onbydefault-03#section-2.1)
>
> If I understand this correctly:
>
> The NAT44ting/6to4 gateway has public IP 1.1.1.1 (WAN)
> It is advertising 2002:0101:0101:0::/64 out on LAN.
> It is doing NAT on LAN.
>
> Hence, hosts behind such gateway have IPv6 address
> 2002:0101:0101:0::EUI64 and 192.168.1.1.
>
> When connecting to a dual-stack server with IP addresses 2.2.2.2 and
> 2001:db8::1.
>
> It will use 6to4 instead of IPv4 through NAT. FAIL.
>
> If the client would have had IP address 1.1.1.2 and
> 2002:0101:0101:0::EUI64, with (current) RFC3484 implementation, it
> would have preferred IPv4 instead of 6to4.
>
> So, there are really two layers of RFC3484 brokenness:
>
> 1) not implemented at all
> 2) 6to4 is used if v4 has mismatching scope (private->public)
>
> --
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
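
The address-selection outcome discussed in this message, as an added example that is not part of the original post: a simplified Python model of RFC 3484 destination ordering that applies only rules 2 (matching scope), 5 (matching label) and 6 (precedence) with the default policy table. The interface identifier in `HOST6` is constructed, and `rfc1918_global` is a hypothetical switch name for the behaviour described above for Windows and the BSDs.

```python
import ipaddress as ipa

# RFC 3484 default policy table: (prefix, precedence, label)
POLICY = [(ipa.ip_network(p), prec, lab) for p, prec, lab in [
    ("::1/128", 50, 0), ("::/0", 40, 1), ("2002::/16", 30, 2),
    ("::/96", 20, 3), ("::ffff:0:0/96", 10, 4)]]
RFC1918 = [ipa.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINK, SITE, GLOBAL = 0x2, 0x5, 0xE            # scope values
HOST6 = "2002:101:101::21a:2bff:fe3c:4d5e"    # constructed host in the gateway's 6to4 prefix

def sixtofour_prefix(v4):
    """6to4 /48 derived from a public IPv4 address: 2002:V4ADDR::/48."""
    return ipa.IPv6Network(((0x2002 << 112) | (int(ipa.IPv4Address(v4)) << 80), 48))

def policy(addr):
    """(precedence, label) by longest-prefix match; IPv4 is looked up as ::ffff:a.b.c.d."""
    a = ipa.ip_address(addr)
    if a.version == 4:
        a = ipa.IPv6Address("::ffff:" + str(a))
    _, prec, lab = max((e for e in POLICY if a in e[0]), key=lambda e: e[0].prefixlen)
    return prec, lab

def scope(addr, rfc1918_global=False):
    """RFC 3484 scope; RFC 1918 space is site-local unless the stack treats it as global."""
    a = ipa.ip_address(addr)
    if a.is_link_local or a.is_loopback:
        return LINK
    if a.version == 4:
        private = any(a in n for n in RFC1918)
        return SITE if private and not rfc1918_global else GLOBAL
    return SITE if a.is_site_local else GLOBAL

def order_destinations(candidates, rfc1918_global=False):
    """candidates: [(destination, source the stack would use for it)], best first."""
    def key(c):
        dst, src = c
        return (scope(dst, rfc1918_global) != scope(src, rfc1918_global),  # rule 2
                policy(dst)[1] != policy(src)[1],                          # rule 5
                -policy(dst)[0])                                           # rule 6
    return [dst for dst, _ in sorted(candidates, key=key)]

# The scenario from the thread: NATed host behind a 6to4 gateway at 1.1.1.1
NATTED = [("2.2.2.2", "192.168.1.1"), ("2001:db8::1", HOST6)]
PUBLIC = [("2.2.2.2", "1.1.1.2"), ("2001:db8::1", HOST6)]

if __name__ == "__main__":
    print(sixtofour_prefix("1.1.1.1"))
    print("private v4 is site-local:", order_destinations(NATTED))
    print("private v4 treated global:", order_destinations(NATTED, rfc1918_global=True))
    print("public v4 source:", order_destinations(PUBLIC))
```
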